For a little over 24 hours I had users that could not logon to Outlook Mobile App (both IOS and Android) once assigned the compliance and conditional access policy.
This affected new users (newly assigned comliance and access policy)
Existing users continued to work and were not impacted
Existing user that unenrolled, then re-enrolled would then not be able to login
Company Portal, and other managed applications would install and were accessible with no issue
There were no configuration changes made
Removing conditional access policy (but leaving the compliance policy), users could authenticate and use native mail, but still not Outlook App.
The issue seems to have corrected itself, but this was present for over 24 hours. Support indicated we should just accept it as it was probably related to the migration to Azure. I have asked them (support) to dig a bit deeper to get a some sort of answer from the product team, but maybe someone here has some insight?
Did you see anything in your Service Health Dashboard? Usually they will post a Post Incident Review within about 5 days of any issues. Did you capture the issues of the individual users? If there was a legitimate issue then you should ask for further explanation.
However you do mention migration to Azure - what kind of migration are you referring to?
Nothing on the Dashboard, first thing I checked. Intune is in the process of moving to Azure. Support used that as the fall back answer, at least initially. Basicly indicating, that small issues may arrise with the move, and they won't really have visibility into what those are.
I however did have a call wth the Intune manager, and on their end they could not verify any service issues with Intune on the tennant. At least on Friday they had no updates from the product team. They acknowledged the problem existed, but were not sure of it's origin. Now that it's resolved, it's pretty difficult to get any deeper. I beleieve we have come to a consensus however that it was not Intune, and the issue mroe than likely was with Exchange. Exchnage did have posted issues on this day for the tennant but they were not related to modern authentication. The circumstational evidence at this point however seems to indicate that's where the problem may have been.
The best I got back here was the Intune team confirming it was not them, and they indicated they believed it to be Exchange. I got no confirmation from the Exchange team of anything they identified during this period. Guess I'll have to live with that.